A Soft Target Risk Application and Threat Analysis Methodology at the Faculty of Applied Informatics in Zlín

This article is focused on Soft Target Risk and Threat Analysis methodology - and especially on its application at the Faculty of Applied Informatics in Zlín (as a Soft Target). The modern world faces many security problems - and terrorism is one of the biggest. Terrorism became an issue known to the general public due to an attack in the United States on September 11, 2001, also referred to as 9/11. And since then many things have changed. In order to avoid, anticipate and analyse terrorist attacks, several methodologies have been developed, like the Soft Target Risk and Threat Analysis methodology. Each methodology is different, and the advantage of the methodology presented in this article is the consideration of time and space.


Introduction
Terrorism. A word people hear about every day. A word that -along with populism, changes the election results. A word that makes people feel, but that feeling is mostly fear. It is not known how long people have been dealing with terrorist attacks. However, for the first time this term was used during the French Revolution [1]. Despite the fact that the word "terrorism" has remained the same since the 18th Century, the techniques of individual terrorist attacks have undergone dramatic innovations practically every day since then. Terrorism entered into widespread public awareness after the attack in the United States of America, when thousands of innocent citizens lost their lives on September 11, 2001 other innocents suffered physical and -above all, psychological damage [2]. From this imaginary milestone, we have encountered and heard about terrorist attacks around the world every year. Most of these attacks are sophisticated, planned well-ahead and are committed for a variety of reasons. It is very difficult to detect these attacks in time and to prevent them, especially if they are directed against defenceless citizens, or demolishing infrastructure, or creating chaos and fear. It is therefore in the best interests and efforts of most of today's states to improve preventive security measures in order to defend against a possible terrorist attack.

Faculty of Applied Informatics
The reference building is located north of the city centre of Zlín, in the part called Jižní Svahy (Southern Slopes). The Jižní Svahy location is characterised by the high number of apartment buildings. Almost a quarter of the total population of Zlín (76 000 inhabitants) lives here. This area is not a significant commercial or industrial zone

Methods
Nowadays, we have many methods for analysing reference objects. Each method is different and many of them also use software tools. Individual methodologies are based on physical models that differ in complexity and segmentation. The accuracy and reliability of the outputs then differ depending on their complexity. In the majority of cases, these were created in order to identify risks for specific companies or institutions.
Individual methods can be divided according to different points-of-view, one of which is the division into induction and deduction. Induction methods allow one to predict equipment failure in a coherent the operating system. This analysis will point out the possible effects that can cause failures, while assessing the consequences of such failures, and then take appropriate measures; while deduction methods analyse accidents and investigate the context from which they arose. Methodologies can also be divided into qualitative and quantitative. However, the biggest difference and the criterion for choice in corporations is usually time and cost [7], [8].

Soft Target Risk Application and Threat Analysis Methodology
In Soft Target Risk Application and Threat Analysis Methodology must be determine location and timing of potential attack. The location of the reference object is divided into outdoor and close surroundings. The time is divided into section when the building is open and lectures can be held (06:00 -22:00) and other section when the building is locked and guarded (22:00 -06:00) [9].
It is also necessary to determine probability that the attack will occur in individual time sections. The evaluation is given by availability, complexity and attractiveness of the reference object. The risk is examined from different sub-categories specific to the reference object. In the case of Faculty of applied Informatics (FAI) with a focus on terrorist attack, the main subcategory is impact on lives and on society. Each subcategory is rated separately on scale from 1 to 7 by characteristics from low to high level of risk [10], [11].

4.
Attack on individuals

5.
Impact on the lives of people in the immediate vicinity

6.
Imminent threat to the lives of the group present

Analysis Results
After identifying the individual subcategories and calculating the overall hazard by the formula: Hazard = Risk x Threat, the resulting data is subjected to location and time factor of the attack. Figure 2 depicts that the location of the attack in front of or in the object is almost identical. This is mainly due to the factor of the high concentration of persons before the main entrance into the building -especially in regular intervals between classes, pauses and the leisure assets of the reference object. On the other hand, Figure 3 shows the localisation of thread based on the daily attack timeand therefore we can see that the students and academic staff of the faculty are particularly at risk when lessons are taking place.

Results and Discussion
The Soft Target Risk Application and Threat Analysis Methodology deals with attacks in terms of accessibility, complexity, attractiveness and their consequent impact on community and lives. After determining the likelihood of a risk and threat, their multiplication shows the total rate of hazard. This hazard is either acceptable or unacceptable -depending on its value. The unacceptable risks were evaluated by aspects of location and time of the potential attack.
Analysing Soft Target Risk Application and Threat Methodology is very beneficial. Compared to other methodologies that do not include these aspects, this one has a clear outcome. However, it is not one of the fastest methods. The result of an exact determination of hour and localization of the time and place can also save money. Of course, the best option is to combine multiple methods to increase the probability of the terrorist attack.

Conclusion
Terrorism is nowadays world issue and it is very difficult to detect and prevent a terrorist attack. However, due to methodologies and preventive safety measures, the possibility of better preparedness or even the prevention of a terrorist attack is possible. Figure 2: Localisation of Threat [11]